Android Security Essentials

Course Objective:
Android Security Essentials Course taught in Singapore is a two-day professional course thoroughly covering the Android™ security model and concerns from both the developer and end-user point of view

At course completion, the participant will be able to:

1. Understand Android software architecture.
2. Understand Android’s security model.
3. Build Android applications with security best practices in mind.
4. Build more secure and more robust application that appeals to clients.

Prerequisite:
For a best learning experience and a quick start with this course, a trainee is required to have adequate knowledge of the OOP(Object-Oriented Programming) of Java.
Previous knowledge and experience of any programming language is considered sufficient.


Certificate Of Attendance :
Certificate Of Attendance will be awarded to participants completing the course achieving minimum 75% attendance.

Training Duration:
Full-time: 2 weekdays / 2 Sats Time : 9.30am to 5.30pm
Part-time: 4 sessions Time : 7pm to 10pm (twice a week)

Training Methodology & Materials:
Practical hands-on sessions using Eclipse IDE and ADT(plugins).
1 person to 1 computer with great CPU processing power.
Well-designed tutorial sessions and screen capture to enhance further understanding of the courseware

Lesson 1: Introduction and Android Security Architecture

• Android Security Program Overview and Architecture.
• Kernel level security (Linux), and rooting Android.
• Android Application Components.
• The Application Sandbox.
• Managers and Services
• Activity Manager Service.
• Package Manager Service.
• Notification Manager Service.
• Search Manager Service.
• Connectivity, Telephony, and Wi-Fi Manager Services.
• Download and Storage Manager Services.
• Window Manager Service.

Lesson 2: Android Permission Model and third party applications

• Android Application Framework Layer.
• Third party application permissions.
• Using Protected APIs.
• Custom Permissions.
• Android Malware: Prevention, Detection, and Removal.
• Security Enhanced Android (SE Android).

Lesson 3: Component Security and Protecting data storage

• How Android achieves Inter-process communication.
• Restricting access to Android components.
• Vulnerabilities of Stored Data.
• Cryptography and Encryption.
• Signing your application.

Lesson 4: Client-Server communication security.

• Threats Facing Devices Transferring Data.
• Protecting web transferred data.
• Input Validation.
• Prevent Command Injection